problem with authentication

[Sujit Choudhury]

We are running cyrus imapd which authenticates it's users against an 
ldap server.  We are getting the problem if a user types the password 
wrong, it continues to try to authenticate and after 6 retries, ldap 
server locks out the account as intrusion detection is in place.

The /etc/imapd.conf contains the following:
configdirectory: /var/imap
partition-default: /var/imap/spool
admins: john
sasl_pwcheck_method: saslauthd
sasl_mech_list: plain
altnamespace: yes
unixhierarchysep: yes
tls_cert_file: /var/imap/cyrus.pem
tls_key_file: /var/imap/cyrus.pem
virtdomains: userid
defaultdomain: foobar.co.uk
sendmail: /usr/sbin/sendmail
# popminpoll: 2

Is there anything we should do to make sure that only one attempt is 
made and it does not attempt for indefinite period.

ldap.conf is as follows:

base    o=foobar
uri     ldap://ldap.foobar.co.uk
tls     never
sasl_secprops   none
ldap_version    3
#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

Would be grateful for some ideas.

Many thanks

Sujit Choudhury




---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html